Cybersecurity Supports



What Supports are Available to Enhance On-Farm Cybersecurity?

There are multiple valuable avenues to explore to get cybersecurity support. Check out each support option below to learn more about them.


Lock Cybersecurity Service Providers

Hiring a cybersecurity consultant, or service provider, especially one who understands digital agriculture, is an excellent way to enhance and maintain your farm’s cybersecurity. 

A cybersecurity expert can be engaged at any point, but it is best if they are engaged before a cyber incident. Preparing and preventing is always more cost effective than responding to an incident. 

Your service provider should have an appropriate certification, knowledge and experience related to assessing vulnerabilities, developing risk and incident management programs for businesses, implementing, auditing and testing controls. Some examples of relevant certifications are:
  • CISSP (Certified Information Systems Security Professional);
  • CISA (Certified Information Security Auditor);
  • CISM (Certified Information Security Manager). 

An updated list of cybersecurity certifications is posted on the following Canadian Centre for Cyber Security website:

Some cybersecurity providers also offer managed detection and response (MDR), which are fee-based services that monitor and respond to threats, 24/7. Farm operations that have already been victims of ransomware exploits, or another cyber incident, might benefit from the peace of mind of using MDR services. It is unfortunately true that cyber criminals could come back again for another ransomware attack, or they might sell victim information to other criminals who could use it to launch a new exploit against the same farm. 



Canada Flag Canadian Centre for Cyber Security

The  Canadian Centre for Cyber Security , or the Cyber Centre, is Canada’s authority on cybersecurity. It works to protect and defend the country’s cyber assets by providing advice, publications, reports, threat assessments, education, cyber-audit tools, news, and other resources for individuals, small- and medium-sized businesses, and large organizations. 

The Cyber Centre also provides a way to report cyber incidents:  Report a cyber incident .

If you would like to go much deeper than the information presented in this module the Cyber Centre has two dedicated web pages oriented towards the needs of small- and medium-sized businesses: 

Keep in mind that these pages are written using more technical language and are not addressing agriculture specific applications.



Warning Get Cyber Safe

 Get Cyber Safe  is a national public awareness campaign created by the Government of Canada to inform Canadians about cybersecurity and the simple steps they can take to protect themselves online. This resource is oriented towards the general public. As a result it presents information in more accessible language than the  Canadian Centre for Cybersecurity 



Military Medal CyberSecure Canada

 CyberSecure Canada  is a voluntary federal certification program designed for small- and medium-sized enterprises and other organizations in Canada to help improve cybersecurity practices. 



Page with Curl JusTech

 JusTech  is a free privacy breach management tool that can help streamline your response to a data breach. In the event of a cyber incident the JusTech tool can provide business owners with multiple documents they will need, such as: 
  • Personal Information Protection and Electronic Documents Act (PIPEDA) breach reporting form.
  • Client notification letter.
  • Internal communication letter.
  • How-to-guide for breach reporting.
  • Sample cybersecurity policies.



Police Officer Law Enforcement

Despite cybercrime taking place online, the effects are no less impactful than other forms of crime. Police services are mandated to ensure public safety, regardless of what medium criminals use. That being said, local law enforcement has limited capacity to investigate cybercrimes. 

It’s always a good idea to report cybercrime. If you believe a cybercrime presents an immediate threat to your life - call 911. Otherwise, it is better to use your local police unit’s non-emergency line. Not all local police units will be equipped to deal with cybercrime - especially international cybercriminals - but they can take your report and send it to other agencies that operate internationally. 

You can also report your incident to the  Canadian Anti-Fraud Centre . The CAFC assists law enforcement by maintaining a central repository of information to assist with investigations. The CAFC suggests reporting cybercrime and fraud using their service if someone:
  • Is pretending to be you online.
  • Locked your computer or device and is demanding payment to unlock it.
  • Put malicious software or a virus on your computer.
  • Is blackmailing you or demanding you pay money.
  • Sent you updated banking details to ask you to send money.
  • Deceived you into purchasing something online, or into making a donation.
  • Sold you a product on a free trial basis with hidden recurring charges.
  • Tried to get you to provide confidential information by posing as a bank or other organization (phishing attempt).

If you have concerns about terrorism, espionage, foreign interference or cyber-tampering affecting critical infrastructure like vital food systems you can make a report to the  Canadian Security Intelligence Service (CSIS) 

The  RCMP  has a helpful guide on what to do, what materials to keep, and who to report to if you’ve been cyberattacked. Many of these elements are useful when creating your farm’s own cyber security  💼Business Continuity plan.

Never hesitate to call your local police service if someone is bullying, harassing, or exploiting you sexually online or you have concerns about international crime or serious violence.



Busts in Silhouette Your Peer Network

Through this module, you’ve gained useful agricultural cybersecurity knowledge that you can share with other farmers in your network. Farmers are already skilled risk managers, considering factors of weather, environment, and markets in their decision making. Cybersecurity is just another type of risk that can be incorporated into existing risk management practices.

When you share your cybersecurity learnings, you become a support to others in your community. In turn, they can share their knowledge as well. Then, when a cyberattack occurs in the community, you and your peers will know who to turn to.  Your peer network is one of the most valuable resources you have in building your cybersecurity awareness and preparedness.



Next:  💼Business Continuity